Don’t Be Caught by These Common Scams - Part 4

Phishing e-mail scams

Phishing is defined by Wikipedia as “…the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.”

What this means is that the attacker sends an e-mail or social media message to the victim, but the message looks exactly like legitimate messages from their bank, work or even contacts on social media. The message then either contains a link to a fake (but very real-looking) website, or directly asks the victim for information. By logging in to the fake website, the attacker obtains login credentials from a bank account, work account, social network or cloud storage - any data that is considered valuable.
 
Some of these scams are done in such a sophisticated way that even professionals need to double check it. The latest scam pretending to be from ABSA is very concerning, due to the following reasons:

  • It appears to be from an ABSA e-mail address …….@absa.co.za
  • Call centre and other contact details are real
  • Images and contents were copied from the original website
  • The links to the products are legitimate

Two things make it obviously fake:

  • It is not personally addressed and
  • There is a link stating “Download Attached File” to claim your coupons and discounts.

Once one clicks on the “Download Attached File”, a fake website opens where one is requested to insert personal details in order to claim coupons and discounts. The best defence against this is to never click on links or attachments in suspicious e-mails and never enter one's PIN or banking details on a banking site, if one is required to click on a link first.